Max CVSS 10.0 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-6820 7.5
The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service (
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2015-6822 7.5
The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain height and width values in the video context, which allows remote attackers to cause a denial of service (segmentation violation and application crash
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2015-6826 7.5
The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified o
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2015-6825 7.5
The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified oth
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2015-6821 7.5
The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other i
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2015-6823 7.5
The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impact via craf
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2015-6818 7.5
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or p
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2015-6824 7.5
The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have unspecified other impa
21-12-2018 - 11:29 06-09-2015 - 02:59
CVE-2011-3937 10.0
The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact an
30-10-2018 - 16:25 05-01-2013 - 00:55
CVE-2012-2791 10.0
Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2788 10.0
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is s
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2782 10.0
Unspecified vulnerability in the decode_slice_header function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2779 10.0
Unspecified vulnerability in the decode_frame function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "hal
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2794 10.0
Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches paramet
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2785 10.0
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors, related to (1) "some subframes only encode some channels" or (2) a large order value.
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2777 10.0
Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vu
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2800 10.0
Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches pa
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2774 5.0
The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting "a frame outside SETUP state."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2804 10.0
Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width.
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2795 10.0
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2776 10.0
Unspecified vulnerability in the decode_cell_data function in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to an "out of picture write."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2801 10.0
Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array writes."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2802 10.0
Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2792 10.0
Unspecified vulnerability in the decode_init function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame.
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2775 10.0
Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large order and an "out of array writ
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2772 10.0
Unspecified vulnerability in the ff_rv34_decode_frame function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing with frame thread
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2799 10.0
Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when num_saved_bits is reset."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2803 10.0
Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value.
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2790 10.0
Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2798 10.0
Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2797 10.0
Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a frame from being "large enoug
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2796 10.0
Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that tri
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2793 10.0
Unspecified vulnerability in the lag_decode_zero_run_line function in libavcodec/lagarith.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors related to "too many zeros."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2789 10.0
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficient
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2787 10.0
Unspecified vulnerability in the decode_frame function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2786 10.0
Unspecified vulnerability in the decode_wdlt function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2784 10.0
Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vu
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-2783 10.0
Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to "freeing the returned frame."
30-10-2018 - 16:25 10-09-2012 - 22:55
CVE-2012-0854 5.0
The dpcm_decode_frame function in libavcodec/dpcm.c in FFmpeg before 0.9.1 does not use the proper pointer after an audio API change, which allows remote attackers to cause a denial of service (application crash) via unspecified vectors, which trigge
30-10-2018 - 16:25 20-08-2012 - 19:55
CVE-2012-0855 5.0
Heap-based buffer overflow in the get_sot function in the J2K decoder (j2k.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to the curtileno variable.
30-10-2018 - 16:25 27-08-2012 - 23:55
CVE-2012-0856 2.6
Heap-based buffer overflow in the MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.9.1, when the lowres option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted H263 media file. N
30-10-2018 - 16:25 20-08-2012 - 19:55
CVE-2012-0850 4.3
The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted mpg file that triggers memory corruption involving the v_off variable, probably a buff
30-10-2018 - 16:25 20-08-2012 - 19:55
CVE-2012-0857 5.0
Multiple buffer overflows in the get_qcx function in the J2K decoder (j2kdec.c) in libavcode in FFmpeg before 0.9.1 allow remote attackers to cause a denial of service (application crash) via unspecified vectors.
30-10-2018 - 16:25 20-08-2012 - 19:55
CVE-2012-0849 4.3
Integer overflow in the ff_j2k_dwt_init function in libavcodec/j2k_dwt.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted JPEG2000 image that triggers an incorrect ch
30-10-2018 - 16:25 27-08-2012 - 23:55
CVE-2012-0859 6.8
The render_line function in the vorbis codec (vorbis.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Vorbis file, related to a large mu
29-08-2017 - 01:31 20-08-2012 - 18:55
CVE-2012-0851 6.8
The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (appl
29-08-2017 - 01:31 20-08-2012 - 18:55
CVE-2012-0852 6.8
The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) a
29-08-2017 - 01:31 20-08-2012 - 18:55
CVE-2012-0848 4.3
Heap-based buffer overflow in the ws_snd_decode_frame function in libavcodec/ws-snd1.c in FFmpeg 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file, related to an incorrect calculation, aka "wrong
29-08-2017 - 01:31 20-08-2012 - 19:55
CVE-2013-7020 6.8
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have uns
07-01-2017 - 02:59 09-12-2013 - 16:36
CVE-2015-6819 7.5
Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted M
22-12-2016 - 03:00 06-09-2015 - 02:59
CVE-2013-7015 6.8
The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified oth
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7011 6.8
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7019 6.8
The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact v
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7022 6.8
The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact v
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7017 6.8
libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data. Per: http://cwe.mitre.org/data/definitions/476.html "C
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7018 6.8
libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7016 6.8
The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact vi
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7024 6.8
The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly hav
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7021 6.8
The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via c
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7014 6.8
Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted PNG data.
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7008 6.8
The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7023 6.8
The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7009 6.8
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other i
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7012 6.8
The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7013 6.8
The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-7010 6.8
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.
03-12-2016 - 03:00 09-12-2013 - 16:36
CVE-2013-3672 4.3
The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array acces
28-10-2015 - 01:23 10-06-2013 - 03:19
CVE-2013-3674 4.3
The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application c
28-10-2015 - 01:23 10-06-2013 - 03:19
CVE-2013-3675 4.3
The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash)
04-10-2013 - 16:41 10-06-2013 - 03:19
CVE-2013-3671 4.3
The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash)
10-06-2013 - 04:00 10-06-2013 - 03:19
CVE-2013-3673 4.3
The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via
10-06-2013 - 04:00 10-06-2013 - 03:19
CVE-2012-0847 4.3
Heap-based buffer overflow in the avfilter_filter_samples function in libavfilter/avfilter.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted media file.
21-08-2012 - 15:29 20-08-2012 - 19:55
Back to Top Mark selected
Back to Top